internal static bool Parse(KerberosAuthorizationDataPACEntryType type, byte[] data, out KerberosAuthorizationDataPACEntry entry) { entry = null; try { var set = ClaimSetMetadataParser.Decode(new NdrPickledType(data)); if (!set.HasValue || set.Value.ClaimsSet == null || set.Value.usCompressionFormat != 0) { return(false); } var claims = ClaimSetParser.Decode(new NdrPickledType(set.Value.ClaimsSet)); if (!claims.HasValue || claims.Value.ClaimsArrays == null) { return(false); } List <KerberosClaimsArray> claims_array = new List <KerberosClaimsArray>(); foreach (var claim in claims.Value.ClaimsArrays.GetValue()) { KerberosClaimsSource source = (KerberosClaimsSource)claim.usClaimsSourceType.Value; claims_array.Add(new KerberosClaimsArray(source, claim.ClaimEntries.GetValue().Select(ConvertToClaim))); } entry = new KerberosAuthorizationDataPACClaimSet(type, data, claims_array.AsReadOnly()); return(true); } catch { return(false); } }
internal static bool Parse(KerberosAuthorizationDataPACEntryType type, byte[] data, out KerberosAuthorizationDataPACEntry entry) { entry = null; if (data.Length < 12) { return(false); } int upn_length = BitConverter.ToUInt16(data, 0); int upn_offset = BitConverter.ToUInt16(data, 2); int dns_length = BitConverter.ToUInt16(data, 4); int dns_offset = BitConverter.ToUInt16(data, 6); KerberosUpnDnsInfoFlags flags = (KerberosUpnDnsInfoFlags)BitConverter.ToInt32(data, 8); if (upn_length + upn_offset > data.Length || dns_length + dns_offset > data.Length) { return(false); } string upn = Encoding.Unicode.GetString(data, upn_offset, upn_length); string dns = Encoding.Unicode.GetString(data, dns_offset, dns_length); entry = new KerberosAuthorizationDataPACUpnDnsInfo(type, data, flags, upn, dns); return(true); }
private KerberosAuthorizationDataPACSignature(KerberosAuthorizationDataPACEntryType type, byte[] data, KerberosChecksumType sig_type, byte[] signature, int?rodc_id) : base(type, data) { SignatureType = sig_type; Signature = signature; RODCIdentifier = rodc_id; }
private KerberosAuthorizationDataPACUpnDnsInfo(KerberosAuthorizationDataPACEntryType type, byte[] data, KerberosUpnDnsInfoFlags flags, string upn, string dns) : base(type, data) { Flags = flags; UserPrincipalName = upn; DnsDomainName = dns; }
internal static bool Parse(KerberosAuthorizationDataPACEntryType type, byte[] data, out KerberosAuthorizationDataPACEntry entry) { entry = null; try { var info = KerbValidationInfoParser.Decode(new NdrPickledType(data)); if (!info.HasValue) { return(false); } entry = new KerberosAuthorizationDataPACLogon(type, data, info.Value); return(true); } catch { return(false); } }
internal static bool Parse(KerberosAuthorizationDataPACEntryType type, byte[] data, out KerberosAuthorizationDataPACEntry entry) { entry = null; if (data.Length < 10) { return(false); } long client_id = BitConverter.ToInt64(data, 0); int name_length = BitConverter.ToUInt16(data, 8); if (name_length + 10 > data.Length) { return(false); } string name = Encoding.Unicode.GetString(data, 10, name_length); entry = new KerberosAuthorizationDataPACClientInfo(type, data, client_id, name); return(true); }
internal static bool Parse(KerberosAuthorizationDataPACEntryType type, byte[] data, out KerberosAuthorizationDataPACEntry entry) { entry = null; if (data.Length < 4) { return(false); } int signature_length = 0; KerberosChecksumType signature_type = (KerberosChecksumType)BitConverter.ToInt32(data, 0); switch (signature_type) { case KerberosChecksumType.HMAC_MD5: signature_length = 16; break; case KerberosChecksumType.HMAC_SHA1_96_AES_128: case KerberosChecksumType.HMAC_SHA1_96_AES_256: signature_length = 12; break; default: signature_length = data.Length - 4; break; } byte[] signature = new byte[signature_length]; Buffer.BlockCopy(data, 4, signature, 0, signature_length); int?rodc_id = null; int total_size = 4 + signature_length; if (data.Length - total_size >= 2) { rodc_id = BitConverter.ToUInt16(data, total_size); } entry = new KerberosAuthorizationDataPACSignature(type, data, signature_type, signature, rodc_id); return(true); }
internal KerberosAuthorizationDataPACEntry(KerberosAuthorizationDataPACEntryType type, byte[] data) { PACType = type; Data = data; }
private KerberosAuthorizationDataPACClaimSet(KerberosAuthorizationDataPACEntryType type, byte[] data, IReadOnlyList <KerberosClaimsArray> claims_array) : base(type, data) { ClaimsArray = claims_array; }
internal static bool Parse(byte[] data, out KerberosAuthorizationDataPAC auth_data) { auth_data = null; if (data.Length < 8) { return(false); } BinaryReader reader = new BinaryReader(new MemoryStream(data)); long count = reader.ReadInt32(); int version = reader.ReadInt32(); if (version != 0) { return(false); } if (reader.RemainingLength() < count * 16) { return(false); } List <KerberosAuthorizationDataPACEntry> entries = new List <KerberosAuthorizationDataPACEntry>(); for (long i = 0; i < count; ++i) { int type = reader.ReadInt32(); int length = reader.ReadInt32(); long offset = reader.ReadInt64(); if (offset >= data.LongLength || (offset + length) > data.LongLength) { return(false); } byte[] entry_data = new byte[length]; Buffer.BlockCopy(data, (int)offset, entry_data, 0, length); KerberosAuthorizationDataPACEntryType entry_type = (KerberosAuthorizationDataPACEntryType)type; KerberosAuthorizationDataPACEntry pac_entry = null; switch (entry_type) { case KerberosAuthorizationDataPACEntryType.UserClaims: case KerberosAuthorizationDataPACEntryType.DeviceClaims: if (!KerberosAuthorizationDataPACClaimSet.Parse(entry_type, entry_data, out pac_entry)) { pac_entry = null; } break; case KerberosAuthorizationDataPACEntryType.KDCChecksum: case KerberosAuthorizationDataPACEntryType.ServerChecksum: if (!KerberosAuthorizationDataPACSignature.Parse(entry_type, entry_data, out pac_entry)) { pac_entry = null; } break; case KerberosAuthorizationDataPACEntryType.ClientInfo: if (!KerberosAuthorizationDataPACClientInfo.Parse(entry_type, entry_data, out pac_entry)) { pac_entry = null; } break; case KerberosAuthorizationDataPACEntryType.UserPrincipalName: if (!KerberosAuthorizationDataPACUpnDnsInfo.Parse(entry_type, entry_data, out pac_entry)) { pac_entry = null; } break; } if (pac_entry == null) { pac_entry = new KerberosAuthorizationDataPACEntry(entry_type, entry_data); } entries.Add(pac_entry); } auth_data = new KerberosAuthorizationDataPAC(data, entries.AsReadOnly()); return(true); }
internal KerberosAuthorizationDataPACLogon(KerberosAuthorizationDataPACEntryType type, byte[] data, KERB_VALIDATION_INFO logon_info) : base(type, data) { LogonTime = logon_info.LogonTime.ToTime(); LogoffTime = logon_info.LogoffTime.ToTime(); KickOffTime = logon_info.KickOffTime.ToTime(); PasswordLastSet = logon_info.PasswordLastSet.ToTime(); PasswordCanChange = logon_info.PasswordCanChange.ToTime(); PasswordMustChange = logon_info.PasswordMustChange.ToTime(); EffectiveName = logon_info.EffectiveName.ToString(); FullName = logon_info.FullName.ToString(); LogonScript = logon_info.LogonScript.ToString(); ProfilePath = logon_info.ProfilePath.ToString(); HomeDirectory = logon_info.HomeDirectory.ToString(); HomeDirectoryDrive = logon_info.HomeDirectoryDrive.ToString(); LogonCount = logon_info.LogonCount; BadPasswordCount = logon_info.BadPasswordCount; LogonDomainSid = logon_info.LogonDomainId.GetValue().ToSid(); LogonDomainName = logon_info.LogonDomainName.ToString(); User = LogonDomainSid.CreateRelative((uint)logon_info.UserId); PrimaryGroup = LogonDomainSid.CreateRelative((uint)logon_info.PrimaryGroupId); if (logon_info.GroupIds != null) { Groups = logon_info.GroupIds.GetValue().Select(r => new UserGroup(LogonDomainSid.CreateRelative((uint)r.RelativeId), (GroupAttributes)r.Attributes)).ToList().AsReadOnly(); } else { Groups = new UserGroup[0]; } UserFlags = (KerberosUserFlags)logon_info.UserFlags; List <sbyte> session_key = new List <sbyte>(); if (logon_info.UserSessionKey.data != null) { foreach (var key in logon_info.UserSessionKey.data) { if (key.data != null) { session_key.AddRange(key.data); } } } UserSessionKey = (byte[])(object)session_key.ToArray(); LogonServer = logon_info.LogonServer.ToString(); LogonDomainName = logon_info.LogonDomainName.ToString(); if (logon_info.ExtraSids != null) { ExtraSids = logon_info.ExtraSids.GetValue().Select(r => new UserGroup(r.Sid.GetValue().ToSid(), (GroupAttributes)r.Attributes)).ToList().AsReadOnly(); } else { ExtraSids = new UserGroup[0]; } UserAccountControl = (UserAccountControlFlags)logon_info.UserAccountControl; if (logon_info.ResourceGroupDomainSid != null) { ResourceGroupDomainSid = logon_info.ResourceGroupDomainSid.GetValue().ToSid(); } if (logon_info.ResourceGroupIds != null) { ResourceGroups = logon_info.ResourceGroupIds.GetValue().Select(r => new UserGroup(LogonDomainSid.CreateRelative((uint)r.RelativeId), (GroupAttributes)r.Attributes)).ToList().AsReadOnly(); } else { ResourceGroups = new UserGroup[0]; } }
private KerberosAuthorizationDataPACClientInfo(KerberosAuthorizationDataPACEntryType type, byte[] data, long client_id, string name) : base(type, data) { ClientId = client_id; Name = name; }